fef75e5417
remove part file extension before we read a filekey to reuse a existing key if possible, otherwise stuff like versioning will break
2015-05-22 12:12:31 +02:00
4e93d9e3a2
remove logo-wide from tests
2015-05-21 22:40:26 +02:00
5a20edac82
test to simulate a non-seekable stream wrapper
2015-05-21 14:15:26 +02:00
38bceb0d74
distinguish between source and target mount point to allow copy/rename between system wide mount points and user specific mountpoints
2015-05-21 14:06:45 +02:00
22968e806c
Get correct mimetype when moving and changing extension
...
Fixes issue when restoring folders from trash cross-storage, as such
folders have an extension ".d12345678".
Fixes issue when moving folders between storages and at the same time
changing their extension.
2015-05-21 10:57:58 +02:00
39d1e99228
Merge pull request #16322 from owncloud/trash-view
...
dont go trough the view when moving to trash
2015-05-20 14:44:01 +02:00
7386257676
Merge pull request #16075 from owncloud/skeleton-copy-delay
...
wait with copying the skeleton untill login and setupfs are done
2015-05-20 13:52:08 +02:00
a62190a72d
Add support for disallowing domains to the ContentSecurityPolicy
...
For enhanced security it is important that there is also a way to disallow domains, including the default ones.
With this commit every method gets added a new "disallow" function.
2015-05-20 11:44:37 +02:00
2213d6597c
add tests for copyFromStorage with same storage
2015-05-19 17:30:32 +02:00
fdbc21fc6c
Scrutinizer Auto-Fixes
...
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-05-19 11:23:06 +00:00
5f4e0863f5
Merge pull request #16420 from owncloud/update-useconfigtableprefix
...
Add unit test for migrator with different prefix
2015-05-19 12:19:46 +02:00
a52afb040a
Merge pull request #15965 from owncloud/conditional-logging
...
Conditional logging
2015-05-19 12:00:19 +02:00
fabdc4ba9d
Add unit test for migrator with different prefix
2015-05-19 10:43:14 +02:00
1c411baf17
Merge pull request #16412 from owncloud/jknockaert-patch-1
...
fix #16356
2015-05-18 19:26:40 +02:00
f9b6ee86cd
Merge pull request #16399 from owncloud/enc_rmdir_fix
...
[encryption] only try to delete file keys if it is a valid path
2015-05-18 11:09:36 -04:00
1c500487ba
add a unit test to make sure that we don't try to read a file during a write operation
2015-05-18 17:00:54 +02:00
a1e60e7882
Merge pull request #15980 from owncloud/jknockaert-patch-1
...
fix bug #15973
2015-05-18 15:01:16 +02:00
d683752b37
Sort user groups by group name and hide the user count
2015-05-18 12:55:19 +02:00
a5d652a6b8
fix tests
2015-05-18 12:11:31 +02:00
415f16eb24
fix tests
2015-05-18 12:11:31 +02:00
62e6c46216
correct testSeek
2015-05-18 11:55:48 +02:00
efa674f10d
only try to delete file keys if it is a valid path
2015-05-18 11:54:51 +02:00
7e271012b2
Merge pull request #16243 from owncloud/error_if_download_failed
...
redirect to error page if download failed
2015-05-18 11:42:55 +02:00
9a71eddaf9
work on tests
...
Tests reorganised and extended
2015-05-18 11:32:29 +02:00
7ee3f99a4a
Merge pull request #16364 from owncloud/add-warning-webdav
...
Add notice that WebDAV interface is not intended for browsers
2015-05-18 11:28:47 +02:00
887be709f5
a new approach to display the error message
2015-05-18 10:15:17 +02:00
4c9734f630
Test overriding channel
2015-05-15 22:37:14 +03:00
246000f799
Merge pull request #16176 from owncloud/fix-provisioning-api-set-quota
...
Validate the quota value to be a correct value
2015-05-15 18:07:13 +02:00
0991c0cc02
Merge pull request #16292 from owncloud/webdav-storage-fireprehooks
...
Fire prehooks when uploading directly to storage
2015-05-15 15:08:27 +02:00
eab55aa959
Properly log out test users in unit tests
2015-05-15 12:33:17 +02:00
54ef098867
Add unit tests for \OC\Connector\Sabre\DummyGetResponsePlugin
2015-05-15 09:08:10 +02:00
3cae0135ad
Fire prehooks when uploading directly to storage
2015-05-13 17:47:04 +02:00
4789e87a53
Merge pull request #16276 from owncloud/dav-quota-root
...
fix webdav quota check for the root of the dav endpoint
2015-05-13 14:43:02 +02:00
1f7df3eba8
Added unit test to quota plugin for free_space argument
2015-05-13 13:58:01 +02:00
d6becb8d82
add repair steps to get rid of old background jobs
2015-05-12 18:19:44 +02:00
fbe4b77c49
Merge pull request #16228 from owncloud/enc_fix_restore
...
use hooks to update encryption keys
2015-05-12 13:10:16 +02:00
b11c0c533e
Merge pull request #16233 from owncloud/enc_fix_check_if_file_is_excluded
...
fix check if a file is excluded from encryption
2015-05-12 09:12:38 +02:00
9dd517071e
fix check if file is excluded from encryption
2015-05-11 12:38:59 +02:00
dfed287dc0
Use insertIfNotExists to avoid problems with parallel calls
2015-05-11 12:38:33 +02:00
39497b9c3a
Add a test for parallel insert
2015-05-11 12:29:28 +02:00
2916b0ba76
Always test the object and the legacy class
2015-05-11 12:22:23 +02:00
0d5c7a11e2
use hooks to update encryption keys instead of the storage wrapper if a file gets renamed/restored, as long as we
...
are in the storage wrapper the file cache isn't up-to-date
2015-05-11 12:06:57 +02:00
e79c255cab
Conditional logging
...
* Log condition for log level increase based on conditions. Once one of these
conditions is met, the required log level is set to debug. This allows to
debug specific requests, users or apps
* Supported conditions (setting `log_condition` in `config.php`):
- `shared_secret`: if a request parameter with the name `log_secret` is set to
this value the condition is met
- `users`: if the current request is done by one of the specified users,
this condition is met
- `apps`: if the log message is invoked by one of the specified apps,
this condition is met
* fix unit test and add app log condition test
2015-05-08 15:58:33 +02:00
3de7f58321
remove file cache classes and its tests
2015-05-08 14:05:54 +02:00
15d134124b
Validate the quota value to be a correct value
2015-05-07 17:56:13 +02:00
4f6ecd3da6
\OC\Connector\Sabre\CopyEtagHeaderPlugin constructor does not take arguments.
2015-05-07 12:24:06 +02:00
aea734aaf1
Fix missing types on doc block and deduplicate the method name
2015-05-06 14:31:10 +02:00
dc39bda870
move/copy from storage
2015-05-06 14:20:02 +02:00
83ed4ee5b6
unit tests
2015-05-06 12:28:15 +02:00
874d35b27a
Merge pull request #16070 from owncloud/enc_update_file_cache_on_copy
...
make sure that we keep the correct encrypted-flag and the (unencrypted)size
2015-05-06 10:28:10 +02:00
7089af96f2
make sure that we keep the correct encrypted-flag and the (unencrypted)size if a file gets copied
2015-05-05 16:17:14 +02:00
493844eda4
add positive tests for operator in code checker
2015-05-05 13:09:12 +02:00
aae098c24a
Check usage of != and == - refs #16054
2015-05-05 12:59:33 +02:00
59c657da53
Merge pull request #15772 from owncloud/issue-15771-dont-restrict-permissions-for-share-owner
...
Do not restrict permissions for the original owner
2015-05-04 15:07:37 +02:00
7376ea9b26
Merge pull request #15584 from owncloud/enc_fix_upload_shared_folder
...
skip user if we don't have a public key
2015-05-04 09:57:19 +02:00
ba7d221cff
allow getting the path from the lockedexception
2015-04-30 14:48:42 +02:00
8119b8b040
add tests for castrait
2015-04-30 14:48:39 +02:00
96f9573a4b
add memcache based shared/exclusive locking
2015-04-30 14:48:39 +02:00
acf30ede95
add compare and swap to memcache
2015-04-30 14:48:39 +02:00
29213b6136
extends memcache with add, inc and dec
2015-04-30 14:48:36 +02:00
cf4a6874fb
Allow setting protected properties
2015-04-30 12:04:02 +02:00
09d479e79d
Add a test to share a subfolder of a folder shared with the owner by group
2015-04-29 13:33:20 +02:00
8c7db2536d
Merge pull request #15596 from owncloud/issue/15589
...
Correctly generate the feedback URL for remote share
2015-04-29 10:52:43 +02:00
7df7a3b360
Merge pull request #15906 from rullzer/fix_15777
...
Password set via OCS API should not be double escaped
2015-04-29 10:44:25 +02:00
34d0e610cc
Filter potential dangerous filenames for avatars
...
We don't want to have users misusing this API resulting in a potential file disclosure of "avatar.(jpg|png)" files.
2015-04-28 16:57:23 +02:00
b55ef51a27
Add tests for the correct share id on the call aswell
2015-04-28 14:56:13 +02:00
02269b6464
Added unit test
2015-04-28 14:00:36 +02:00
02c60949dd
make scrutinizer happy
2015-04-28 11:28:54 +02:00
d146c13abd
Add tests for the remote sharing url
2015-04-28 11:28:54 +02:00
de8c15e1a4
Merge pull request #14764 from owncloud/shared-etag-propagate
...
Propagate etags across shared storages
2015-04-28 10:58:50 +02:00
7d0eba7a41
Merge pull request #15886 from owncloud/fix-15848-master
...
Adjust isLocal() on encryption wrapper
2015-04-27 15:06:26 +02:00
678b7d7e4d
Merge pull request #15860 from owncloud/enc_fallback_old_encryption
...
[encryption] handle encrypted files correctly which where encrypted with a old version of ownCloud (<=oc6)
2015-04-27 14:32:19 +02:00
936d564058
fixes #15848
2015-04-27 14:26:05 +02:00
6bf0579622
fix test
2015-04-27 14:07:16 +02:00
be55a90323
dont use our now non existing hook
2015-04-27 14:07:15 +02:00
27683f9442
fall back to the ownCloud default encryption module and aes128 if we read a encrypted file without a header
2015-04-27 13:01:18 +02:00
8f61fbb81f
Fix new tests
2015-04-27 11:10:31 +02:00
d600955a51
Make getDefaultModuleId public and get module protected
2015-04-27 11:03:51 +02:00
4e97228cde
Deduplicate module mock
2015-04-27 11:03:51 +02:00
4b7ae395f2
Add test for setDefaultEncryptionModule
2015-04-27 11:03:51 +02:00
b35379515c
Add a test that the default module is returned before we fall back
2015-04-27 11:03:50 +02:00
4dfdaf741c
Merge pull request #15834 from owncloud/make-temporary-file-really-unique
...
Fix collision on temporary files + adjust permissions
2015-04-25 23:18:26 +02:00
b9df932e3c
Merge pull request #15683 from owncloud/block-legacy-clients
...
Block old legacy clients
2015-04-24 18:21:10 +02:00
9a5783b284
fix unit tests
2015-04-24 16:47:27 +02:00
4554df2512
enable testWriteWriteRead
2015-04-24 16:44:00 +02:00
18a1225b0c
enable testRewind
2015-04-24 16:44:00 +02:00
27ea23ea6b
Update encryption.php
2015-04-24 16:44:00 +02:00
d6841aa706
disable r+ test
2015-04-24 16:44:00 +02:00
7a34f75da6
add two tests
...
testRewind tests reading and writing after rewind on an encrypted stream; testWriteWriteRead tests r+ mode
2015-04-24 16:44:00 +02:00
4334e77035
Merge pull request #15839 from owncloud/enc_fix_moving_shared_files
...
[encryption] fix moving files to a shared folder
2015-04-24 15:07:36 +02:00
411f7893bf
Add test "operation on keys failed"
2015-04-24 14:27:23 +02:00
781cfff221
Deduplicate data provider and fix method visibility
2015-04-24 13:12:45 +02:00
24128d1384
only update share keys if the file was encrypted
2015-04-24 10:19:09 +02:00
2646bccb83
update share keys if file gets copied
2015-04-23 17:18:48 +02:00
2990b0e07e
update share keys if a file is moved to a shared folder
2015-04-23 17:18:48 +02:00
ab9ea97d3a
Catch not existing User-Agent header
...
In case of an not sent UA header consider the client as valid
2015-04-23 16:33:51 +02:00
155ae44bc6
Fix collision on temporary files + adjust permissions
...
This changeset hardens the temporary file and directory creation to address multiple problems that may lead to exposure of files to other users, data loss or other unexpected behaviour that is impossible to debug.
**[CWE-668: Exposure of Resource to Wrong Sphere](https://cwe.mitre.org/data/definitions/668.html )**
The temporary file and folder handling as implemented in ownCloud is performed using a MD5 hash over `time()` concatenated with `rand()`. This is insufficiently and leads to the following security problems:
The generated filename could already be used by another user. It is not verified whether the file is already used and thus temporary files might be used for another user as well resulting in all possible stuff such as "user has file of other user".
Effectively this leaves us with:
1. A timestamp based on seconds (no entropy at all)
2. `rand()` which returns usually a number between 0 and 2,147,483,647
Considering the birthday paradox and that we use this method quite often (especially when handling external storage) this is quite error prone and needs to get addressed.
This behaviour has been fixed by using `tempnam` instead for single temporary files. For creating temporary directories an additional postfix will be appended, the solution is for directories still not absolutely bulletproof but the best I can think about at the moment. Improvement suggestions are welcome.
**[CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html )**
Files were created using `touch()` which defaults to a permission of 0644. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0600.
**[CWE-379: Creation of Temporary File in Directory with Incorrect Permissions](https://cwe.mitre.org/data/definitions/379.html )**
Files were created using `mkdir()` which defaults to a permission of 0777. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0700.Please enter the commit message for your changes.
2015-04-23 15:07:54 +02:00
b88d0ba0ac
Delete temp files after testing encryption stream wrapper
2015-04-23 13:42:18 +02:00
ed0b465cf9
Use 403 instead a 50x response
2015-04-20 12:53:40 +02:00
4ea205e262
Block old legacy clients
...
This Pull Request introduces a SabreDAV plugin that will block all older clients than 1.6.1 to connect and sync with the ownCloud instance.
This has multiple reasons:
1. Old ownCloud client versions before 1.6.0 are not properly working with sticky cookies for load balancers and thus generating sessions en masse
2. Old ownCloud client versions tend to be horrible buggy
In some cases we had in 80minutes about 10'000 sessions created by a single user. While this change set does not really "fix" the problem as 3rdparty legacy clients are affected as well, it is a good work-around and hopefully should force users to update their client
2015-04-20 11:12:17 +02:00
8f51efc49e
get rid of OC_Geo
2015-04-19 20:16:56 +02:00
758b2332f0
Use data provider instead of hand-crafted for loops
...
* reduces scrutinizer complains
* uses PHPUnit functionality
2015-04-18 15:19:33 +02:00
7d4b1b52d0
always create a new instance of the encryption module
2015-04-17 10:31:33 +02:00
b25c06f576
detect system wide mount points correctly
2015-04-16 14:15:04 +02:00
e3d77c4b01
add migration script from old encryption to new one
2015-04-16 14:15:04 +02:00
903d52d45f
Merge pull request #15809 from owncloud/view-null-root
...
dont allow using null as view root
2015-04-22 18:10:26 +02:00
e302213248
add unit tests for null handling in view
2015-04-22 16:24:25 +02:00
225cde2183
pass KeyStorage via ctor
2015-04-22 13:09:42 +02:00
987bc138df
calling renameKeys() on directory level as well - fixes #15778
2015-04-22 12:12:27 +02:00
fc4127dd62
add $encryptionModuleId to methods of Keys/IStorage
2015-04-22 11:53:05 +02:00
570718fb6b
Merge pull request #15757 from owncloud/enc-fixfeofforlastblock
...
Fix encryption feof to not return too early
2015-04-22 11:32:21 +02:00
19e8c4fcb1
get dirname from sharePath
2015-04-21 14:58:01 +02:00
76dad297ff
Fix encryption feof to not return too early
...
This is because stream_read will pre-cache the next block which causes
feof($this->source) to return true prematurely. So we cannot rely on it.
Fixed encryption stream wrapper unit tests to actually simulate 6k/8k
blocks to make sure we cover the matching logic.
Added two data files with 8192 and 8193 bytes.
2015-04-20 18:32:40 +02:00
fe2cbc3795
Merge pull request #15744 from owncloud/fix-inverted-path-in-resourcenotfound
...
Fix wrong path generation
2015-04-20 16:55:36 +02:00
9bc48451b9
Adjust tests and statuscode
2015-04-20 13:00:02 +02:00
21f0476d31
Fix files
2015-04-20 13:00:02 +02:00
9f61cf60d4
Verify if returned object is an array
...
The error has to be thrown at this point as otherwise errors and notices are thrown since the time cannot be parsed in L60 and L61
2015-04-20 12:58:57 +02:00
ddcd79132d
Add tests for correct path
2015-04-20 12:31:35 +02:00
0cf13e9b78
Fix phpStorm complains and namespace
2015-04-20 12:31:07 +02:00
e33e5b425a
Merge pull request #12006 from owncloud/dav-put-storage
...
Work directly on the storage when uploading over webdav
2015-04-15 03:08:52 +02:00
1aa368effe
Merge pull request #15592 from owncloud/fix-15590-master
...
Avoid php message "Invalid argument supplied for foreach()"
2015-04-15 00:14:08 +02:00
4f0437fbde
Merge pull request #15598 from owncloud/fix-enc-file-size-master
...
Fix file size of encrypted files
2015-04-14 16:48:04 +02:00
717723b83e
Remove unneeded comments
2015-04-14 16:44:24 +02:00
308af8b909
pass a stream to the tests
2015-04-14 15:25:52 +02:00
82cab25762
Merge pull request #13360 from owncloud/cross-storage-move
...
Proper copy/move between multiple local storages
2015-04-14 14:35:08 +02:00
cbe30f740e
remove calculateUnencryptedSize() - not needed
2015-04-14 13:08:59 +02:00
88cc52c408
Avoid php message "Invalid argument supplied for foreach()" - refs #15590
2015-04-14 11:00:20 +02:00
5f66f867b6
Merge pull request #15581 from owncloud/deduplicate-oc-repair-namespace
...
Fix namespace duplication and other issues in repairlegacystorages
2015-04-13 21:51:38 +02:00
01da6be4d6
upda tests
2015-04-13 17:10:02 +02:00
d7b3a1a35a
preserve cache data when doing a cross storage move
2015-04-13 17:10:01 +02:00
71de1d58cd
Fix namespace duplication and other issues in repairlegacystorages
2015-04-13 16:34:10 +02:00
0772e3b4c1
Properly handle copy/move failures in cross storage copy/move
2015-04-13 15:13:03 +02:00
31e94708f8
Improve cross storage copy between local storages
2015-04-13 15:13:02 +02:00
2822d0579e
Properly add trailing slash to mount point
...
Fixes resolving mount points when shared mount point's target name has
the same prefix as the source name
2015-04-13 12:36:47 +02:00
906b6b7337
Prevent php message: "Trying to get property of non-object at /xxx/lib/private/ocsclient.php#282"
2015-04-13 09:43:45 +02:00
84041a4fa2
Merge pull request #15541 from owncloud/add-reply-to-support
...
Add "Reply-To" support for sharing mails as well as refactor code and add unit-tests
2015-04-12 22:30:35 +02:00
e3ad99d252
Add "Reply-To" support to sharing mails and refactor code
2015-04-10 17:30:07 +02:00
fafecd1c05
fix cherrypicking
2015-04-10 11:08:24 +02:00
a85bc5538f
fix filesystem and encryption tests
...
Conflicts:
apps/files_encryption/lib/util.php
apps/files_encryption/tests/hooks.php
2015-04-10 09:12:37 +02:00
5abbf6d5b0
Merge pull request #13920 from owncloud/sharing_no_user_entry_for_group_shares
...
only create a db entry for the user in case of a name conflict on group share
2015-04-09 23:37:02 +02:00
0bad8f644a
Merge pull request #15511 from owncloud/fix-typos
...
Fix typos and some other adjustments
2015-04-09 19:23:27 +02:00
06a5a9d0c2
Fix mock object to return proper type
2015-04-09 18:30:45 +02:00
11c3741526
Fix mock object to return proper type
2015-04-09 17:45:57 +02:00
cbcee34eb0
update tests
2015-04-09 14:46:25 +02:00
1d9bd3d31e
Merge pull request #15496 from owncloud/enc-check-if-key-exists-before-deleting
...
Check if the key exists, before trying to delete it
2015-04-09 14:45:40 +02:00
332ea77865
only create a db entry for the user in case of a name conflict on group share
2015-04-09 11:16:08 +02:00
45575d0135
Check if the key exists, before trying to delete it
2015-04-09 10:28:02 +02:00
ba52f6f8fc
Merge pull request #15314 from owncloud/app-categories-15274
...
Add different trust levels to AppStore interface
2015-04-09 10:07:32 +02:00
9c76d068c3
Merge pull request #15196 from owncloud/limit-file-activities-to-favorites
...
Limit file activities to favorites
2015-04-09 00:18:31 +02:00
103d451459
Merge pull request #14987 from rullzer/ocs_password_fix2
...
OCS Fixes to allow setting of password without removing additional settings
2015-04-08 14:44:17 +02:00
Bjoern Schiessle
Jan-Christoph Borchardt
Vincent Petry
Morris Jobke
Lukas Reschke
Robin Appelman
Scrutinizer Auto-Fixer
Thomas Müller
Björn Schießle
Clark Tomlinson
Joas Schilling
jknockaert
Victor Dubiniuk
Joas Schilling
Robin Appelman
Arthur Schiwon
Andreas Fischer
Roeland Jago Douma
Georg Ehrke
Jörn Friedrich Dreyer